Details
-
Type:
Bug
-
Status: Open
-
Priority:
Minor
-
Resolution: Unresolved
-
Affects Version/s: 4.7.1
-
Fix Version/s: None
-
Component/s: Backdrop Integration
-
Labels:
-
Versioning Impact:Patch (backwards-compatible bug fixes)
-
Documentation Required?:None
-
Funding Source:Needs Funding
Description
It seems that there may be a few problems in civicrm/CRM/Utils/System/Wordpress.php. I believe this started with 4.7.1, but may have been 4.7.0, when the cron jobs began failing. Using a third party WordPress authentication plugin called WPDirAuth, the cron jobs return a user/password error when using PHP, cURL, wget, and direct Firefox page loads. (Running manually from the Settings - Scheduled Jobs page works correctly.) Disabling the plugin allows the exact same calls to complete correctly. After opening up a ticket with the developer, the developer took a look at the CiviCRM code and found a number of issues. Here's the report:
"I downloaded civiccrm. They call wp_authenticate twice in the file civicrm/CRM/Utils/System/Wordpress.php at lines 305 and 427. At line 427, they've made an incorrect assumption. wp_authenticate returns either a user object, or an instance of WP_Error. It will never return false. Lines 428-433 will never happen. Also, at line 421, if they include pluggable.php and wpDirAuth hasn't loaded yet, wpDirAuth will be unable to handle wp_authenticate. in fact, given what I'm looking at in their code, I'm surprised you're not seeing a PHP error about not being able to redeclare wp_authenticate. Plugins should never load pluggable.php directly."
Here's the link to the ticket:
https://wordpress.org/support/topic/url-logins-disabled?replies=9#post-7990656
If these should be separate tickets, I can open them up that way, but it seems like it's all inter-related.